Archives for February 2017

URGENT: your penn states account expires soon

February 28, 2017 by Paul Carlisle Kletchka

Penn Staters continue to receive phishing messages with the subject header “URGENT: your penn states account expires soon.”

These messages were first reported at the beginning of February and this post alerted the Penn State community to their distribution on the Stop Phishing site on February 6, 2017.

Security Alert / Profile Error / Issues With Your Email / Issues With Your Account / Urgent Security Issue / Security Threat / Urgent Issue

February 27, 2017 by Paul Carlisle Kletchka

Phishing Message from 5:39 a.m. on 2/27/2017

From: PSU Admin <admin@psu.edu> [mailto:dr.grosko@mymts.net]
Sent: Monday, February 27, 2017 5:39 AM
Subject: Security Alert

Dear Candidate,

Your email’s security and Defence module, are out of date. Please note that this could lead to security breach if you do not update and validate your Email.

To further protect your account, we would be suspending it if you do not validate your email security
To validate your mail security, click your email below and login to start the process.

Secure Your Account [<– link presents an “ok” button which, when clicked, opens a fake WebAccess page in the mrdangola.com domain]

Regards,
Customer Service Department.

Important Announcement

February 23, 2017 by Paul Carlisle Kletchka

Phishing Message from 9:54 a.m. on February 23, 2017

From: “Faculty / Staff” <xxxxxx@psu.edu>
Sent: Thursday, February 23, 2017 9:54:41 AM
Subject: Important Announcement

A meeting has been scheduled,

Click here to view details [<– Link leads to a fake WebAccess page in the slavecreative.com domain]

Thank you
The Pennsylvania State University

Account Verification

February 6, 2017 by Paul Carlisle Kletchka

Phishing Mesage From February 6, 2017 at 3:54 p.m.

From: “The Pennsylvania State University” <user@psu.edu>
To: user@psu.edu
Sent: Monday, February 6, 2017 3:49:43 PM
Subject: Account Verification

[Penn State Mark]

INFORMATION TECHNOLOGY SERVICES

Information and Communication Technology Accessibility Policy, Verify your email below to avoid lose of account

Account Verification [<– Link leads to a fake WebAccess log-in page in the mysoreclicks.in domain]

URGENT: your penn states account expires soon

February 6, 2017 by Paul Carlisle Kletchka

Phishing Message from February 6, 2017 at 9:15 a.m.

From: “Penn States IT Service Desk” <itservicedesks@pennstate.org>
To: “XXXX XXXX” <xxxxx@psu.edu>
Sent: Monday, February 6, 2017 9:15:00 AM
Subject: URGENT: your penn states account expires soon

The Password for your Penn States Account will expires in 24 hours.
To change your Password to insure it does not expire, pleas click on the following link and follow instructions on the page:

itservicedesk.psu.edu [<– Link leads to a generic login page at an address that starts with http://172.24.21.41/]

Asistance is available from IT Services Desk by calling 814-PSU-HELP, or by visiting Wagner Building, University Park.

Thank you,
IT Services Desk